A new type of cyberattack detected in recent weeks robs victims of their WhatsApp accounts by taking advantage of the trust they place in their contacts, the cybersecurity company Check Point has warned.
When a user changes phones and wants to transfer their WhatsApp account, the tech company sends an SMS authentication code to the old phone number so they can enter it into the new one.
This process allows you to change the WhatsApp application from one number to another. However, it is also the cybercriminal’s gateway to the victim’s account. “The first thing to know about this cyberattack is that the main asset for the cybercriminal is to take advantage of the victim’s trust,” says Check Point’s technical director for Spain and Portugal, Eusebio Neva.
“It is for this reason that the way to carry out this attack is based on the fact that, previously, this cybercriminal has managed to attack one of the contacts of the victim in question and steal all the phone numbers he had,” he adds.
In this way, the attacker obtains the victim's number and uses it to request the SMS authentication code from WhatsApp. Then, posing as a known contact, the attacker writes to the victim asking for that code, claiming it was requested by mistake.
“The essential thing for this cyberattack is that the victim trusts the number that is talking to him, because when he knows him, he trusts him. Simple, but effective,” the manager emphasizes.
Stealing a WhatsApp account opens the door to other attacks, for example, against the contacts in the victim's phonebook. The attacker can send an SMS with a link that redirects to a site hosting malware, or send a WhatsApp message along the lines of “look how interesting, download it”, also with a malicious link.
It can also lead to infection of the mobile device, giving access to different applications and to the victim's movements, or to the installation of a banking Trojan on the device to steal bank data for financial gain.
Recovering your account is not easy. “The only way would be to talk to WhatsApp to inform them of account theft and for them to automatically cancel that account with that phone number,” the manager explains. In addition, you should report what has happened to the Civil Guard or the National Police so that they can track your phone and “check all possible communications you have had with other users and minimize casualties.”
To protect against this type of attack, “the most important thing is that when a person receives an SMS, they read it carefully,” says Neva. “It’s important to keep in mind that you have to be very careful with the codes that are sent and know that you should never send a code that you receive to anyone, no matter what they tell you or whoever is asking for it,” he concludes.